Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4240)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/webui/interstitials/interstitial_ui.cc

Issue 1509073002: Fixes for Safe Browsing with unrelated pending navigations. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: review changes for comment #10 Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/safe_browsing/ui_manager.h ('K') | « chrome/browser/ui/webui/interstitials/interstitial_ui.h ('k') | chrome/test/data/safe_browsing/malware_delayed_loads.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/webui/interstitials/interstitial_ui.cc
diff --git a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
index 5094a45e8b4c21e17caa1a49ced2eb3894b36ad8..5105c556ed1e1d19e38cf1179ba75c30991f68a9 100644
--- a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
+++ b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
@@ -1,6 +1,9 @@
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
+//
+// Implementation of chrome://interstitials demonstration pages. This code is
+// not used in displaying any real interstitials.
Charlie Reis 2015/12/17 19:24:18 nit: Please put this comment above the class decla
mattm 2015/12/18 21:41:04 Done.
#include "chrome/browser/ui/webui/interstitials/interstitial_ui.h"
@@ -17,6 +20,8 @@
#include "components/grit/components_resources.h"
#include "components/security_interstitials/core/ssl_error_ui.h"
#include "content/public/browser/interstitial_page_delegate.h"
+#include "content/public/browser/render_process_host.h"
+#include "content/public/browser/render_view_host.h"
#include "content/public/browser/web_contents.h"
#include "content/public/browser/web_ui.h"
#include "content/public/browser/web_ui_controller.h"
@@ -187,35 +192,44 @@ safe_browsing::SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage(
if (GURL(url_param).is_valid())
request_url = GURL(url_param);
}
+ GURL main_frame_url(request_url);
+ // TODO(mattm): add flag to change main_frame_url or add dedicated flag to
+ // test subresource interstitials.
std::string type_param;
if (net::GetValueForKeyInQuery(web_contents->GetURL(),
"type",
&type_param)) {
+ // TODO(mattm): add param for SB_THREAT_TYPE_URL_UNWANTED.
if (type_param == "malware") {
- threat_type = safe_browsing::SB_THREAT_TYPE_URL_MALWARE;
+ threat_type = safe_browsing::SB_THREAT_TYPE_URL_MALWARE;
} else if (type_param == "phishing") {
threat_type = safe_browsing::SB_THREAT_TYPE_URL_PHISHING;
} else if (type_param == "clientside_malware") {
threat_type = safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL;
} else if (type_param == "clientside_phishing") {
threat_type = safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL;
- // Interstitials for client side phishing urls load after the page loads
- // (see SafeBrowsingBlockingPage::IsMainPageLoadBlocked), so there should
- // either be a new navigation entry, or there shouldn't be any pending
- // entries. Clear any pending navigation entries.
- content::NavigationController* controller =
- &web_contents->GetController();
- controller->DiscardNonCommittedEntries();
}
}
safe_browsing::SafeBrowsingBlockingPage::UnsafeResource resource;
resource.url = request_url;
- resource.threat_type = threat_type;
- // Create a blocking page without showing the interstitial.
+ resource.is_subresource = request_url != main_frame_url;
+ resource.is_subframe = false;
+ resource.threat_type = threat_type;
+ resource.render_process_host_id =
+ web_contents->GetRenderProcessHost()->GetID();
+ resource.render_view_id = web_contents->GetRenderViewHost()->GetRoutingID();
+ resource.threat_source = safe_browsing::ThreatSource::LOCAL_PVER3;
+
+ // Normally safebrowsing interstitial types which block the main page load
+ // (SB_THREAT_TYPE_URL_MALWARE, SB_THREAT_TYPE_URL_PHISHING, and
+ // SB_THREAT_TYPE_URL_UNWANTED on main-frame loads) would expect there to be a
+ // pending navigation when the SafeBrowsingBlockingPage is created. This demo
+ // creates a SafeBrowsingBlockingPage but does not actually show a real
+ // interstitial. Instead it extracts the html and displays it manually, so the
+ // parts which depend on the NavigationEntry are not hit.
return safe_browsing::SafeBrowsingBlockingPage::CreateBlockingPage(
g_browser_process->safe_browsing_service()->ui_manager().get(),
- web_contents,
- resource);
+ web_contents, main_frame_url, resource);
}
#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
« chrome/browser/safe_browsing/ui_manager.h ('K') | « chrome/browser/ui/webui/interstitials/interstitial_ui.h ('k') | chrome/test/data/safe_browsing/malware_delayed_loads.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698